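<?php
/**
 * Article edit page.
 *
 * GET  ?id=N  renders an edit form for article N.
 * POST ?id=N  (with the "submit" field) updates title, body and level of article N.
 *
 * Access is limited to the article's owner (article.user_id equals the session id)
 * or to a session whose level is exactly 0.
 *
 * Security-relevant behaviour of this page:
 *  - The update is processed BEFORE any HTML is emitted, so the Location redirect
 *    is sent while headers can still be modified.
 *  - A missing article or an anonymous session is rejected explicitly; a loose
 *    comparison of two unset values (null == null) would otherwise pass the owner check.
 *  - Values written into HTML attributes are escaped at output time.
 *  - The state-changing POST requires a per-session anti-CSRF token.
 */
if (!empty($_GET['id'])) {
    session_start();
    $id = (int) $_GET['id'];
    include 'conn.php'; // expected to provide $conn; used below through the mysqli prepared-statement API

    $denied = "<script>alert('当前文章不存在或权限不足')</script>";

    $sql = "select title,body,level,user_id from article where id = ?;";
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        die($denied);
    }
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $result = $stmt->get_result();
    $info = $result ? $result->fetch_assoc() : null;
    $stmt->close();

    // Authorization. The article must exist, and ownership needs an authenticated
    // session id and a non-NULL owner column; both sides are compared as integers
    // with === so type juggling cannot make unrelated values equal.
    $articleExists = is_array($info);
    $isAdmin = isset($_SESSION['level']) && $_SESSION['level'] === 0;
    $isOwner = $articleExists
        && isset($_SESSION['id'])
        && $info['user_id'] !== null
        && (int) $info['user_id'] === (int) $_SESSION['id'];

    if (!$articleExists || !($isOwner || $isAdmin)) {
        http_response_code(403);
        die($denied);
    }

    // Per-session anti-CSRF token, created on first use and embedded in the form below.
    if (empty($_SESSION['edit_article_csrf'])) {
        $_SESSION['edit_article_csrf'] = bin2hex(random_bytes(32));
    }
    $csrfToken = $_SESSION['edit_article_csrf'];

    if (isset($_POST['submit'])) {
        // Constant-time comparison; a request without the token is treated as unauthorized.
        $sentToken = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
        if (!is_string($sentToken) || !hash_equals($csrfToken, $sentToken)) {
            http_response_code(403);
            die($denied);
        }

        // Array-valued or missing fields (e.g. title[]=x) are rejected instead of
        // being passed to htmlspecialchars() or cast to int.
        $fieldsOk = isset($_POST['title'], $_POST['body'], $_POST['level'])
            && is_string($_POST['title'])
            && is_string($_POST['body'])
            && is_string($_POST['level']);

        $updated = false;
        $stmt = false;
        if ($fieldsOk) {
            // Stored values stay HTML-encoded as before, because other pages may
            // print these columns without escaping (NOTE(review): confirm, then
            // prefer storing raw text and escaping only at output).
            $title = htmlspecialchars($_POST['title']);
            $body = htmlspecialchars($_POST['body']);
            // NOTE(review): the article owner can set any level here; confirm this is intended.
            $level = (int) $_POST['level'];

            $sql = "UPDATE article SET title = ? , body = ?, level = ?  WHERE id = ?;";
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("ssii", $title, $body, $level, $id);
                $updated = ($stmt->execute() === true);
            }
        }

        if ($updated) {
            $stmt->close();
            $conn->close();
            header('Location: index.php');
            exit; // stop here so nothing is rendered after the redirect
        }

        echo "<script>alert('修改内容失败')</script>";
        if ($stmt !== false) {
            $stmt->close();
        }
        $conn->close();
    }

    // Attribute-context escaping. double_encode is off so values that were already
    // entity-encoded when stored are printed unchanged, while raw quotes or angle
    // brackets from any other write path are still neutralised.
    $attr = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };
    ?>
    <form action="" method="post" enctype="multipart/form-data">
        <input type="hidden" name="csrf_token" value="<?php echo $attr($csrfToken); ?>">
        <input type="text" name="title" value="<?php echo $attr($info['title']); ?>">
        <input type="text" name="body" value="<?php echo $attr($info['body']); ?>">
        <input type="text" name="level" value="<?php echo (int) $info['level']; ?>">
        <input type="submit" name="submit" value="提交">
    </form>
    <?php
}
?>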